Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist...
Use this skill when adding authentication, handling user input, working with secrets, creating API endpoints, or implementing payment/sensitive features. Provides comprehensive security checklist...
Scan codebase for security vulnerabilities including secrets, insecure
Use when implementing any new feature or function. Use when asked to "add tests later". Use when writing code before tests.
Software Composition Analysis skill for identifying vulnerable dependencies, license compliance, and supply chain security. This skill should be used when scanning dependencies for CVEs, analyzing...
Write focused controller tests using HTTP assertions; keep heavy logic in Actions/Services and unit test them
Comprehensive security vulnerability scanner for Next.js and TypeScript/JavaScript projects. Detects OWASP Top 10 vulnerabilities, XSS, injection flaws, authentication issues, hardcoded secrets,...
Security best practices for backend development, microservices, and secure coding patterns with emphasis on input validation and authentication
Parallel test execution orchestration with intelligent scheduling, retry logic, and comprehensive result aggregation.
IDOR不安全的直接对象引用测试的专业技能和方法论
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI...
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI...
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI...
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI...
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI...
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI...
This skill should be used when the user asks to "test for directory traversal", "exploit path traversal vulnerabilities", "read arbitrary files through web applications", "find LFI...
Scan code and infrastructure for security vulnerabilities and compliance issues
Validate container and Kubernetes security using CIS benchmarks with pod security standards, RBAC review, and image vulnerability checks.
Expert Spring Boot 4 testing specialist that selects the best Spring Boot testing techniques for your situation with Junit 6 and AssertJ.